CYBER SECURITY AND CYBER CRIME 

Kupparaju Amrutha,

Koneru Lakshmaiah Education Foundation, College Of Law, Guntur.

INTRODUCTION

Cybercrime is a crime committed using computers, networking hardware, or networks for financial gain. It includes direct destruction, exploitation of networks, and disseminating malware. Cybercrime can involve ransomware attacks, email fraud, identity fraud, and theft of financial information. Cyber security is a strategy to protect against threats and illegal access to digital assets, including computers, networks, applications, and data. It involves defending against intrusions and assaults that could harm or take advantage of these systems.

CYBER SECURITY

Cyber-security is a crucial aspect of technology, processes, networks, and computer systems that protects data, privacy, and security against online attacks and unauthorized access. It involves a combination of methods, technologies, and procedures to ensure the integrity of computer equipment, employees, infrastructure, applications, services, and data in the cyber environment. Coordination across all information systems is essential for successful and efficient cyber security consolidation. Security standards help organizations research secure security approaches, while various tools, strategies, and technologies are available to safeguard user property and ensure the organization's security features are maintained.[i] 

As the digital world becomes more ingrained, the technology and computer sectors are constantly evolving, increasing the frequency of data breaches, information leaks, and cybercriminal attacks, necessitating stronger defense strategies.[ii] 

LAWS IN INDIA PROVIDE CYBER SECURITY

Cyber laws encompass the following Acts, Rules, and Regulations: 

•        Information Technology Act, 2000 

•        Information Technology (Certifying Authorities) Rules, 2000 

•        Information Technology (Security Procedure) Rules, 2004

•        Information Technology (Certifying Authority) Regulations, 2001 

CYBER SECURITY FRAMEWORKS (NCFS)

The National Institute of Standards and Technology (NIST) has approved the Cyber Security Framework (NCFS) to harmonize cyber security approaches. The framework aims to foster resilience and protect critical infrastructure by reducing risks, preventing data loss, and optimizing return on investment. India faces cyber security issues, losing nearly R. 1.25 lakh crore annually. Training is crucial for preventing internet hazards, and the government must dedicate resources to safeguarding data assets and updating cyber law to incorporate legal and technological developments.[iii] 

CYBER CRIME

Cybercrime is a new form of crime involving illegal actions on or through computers, the internet, or approved technology. The most prevalent crime in India is cybercrime, which costs society and the government money and involves skilled criminals hiding their true identities.[iv] 

Definition: The Indian Legislature and Information Technology Act of 2000 do not define cybercrime, but it generally refers to criminal conduct using the internet or computers. 

In his book The Indian Cyber Laws with Cyber Glossary, Professor S.T. Viswanathan provides three definitions:

1.Computer crime involves a crime involving a computer as the instrument or object, aiming to influence its function.

2. Computer technology incidents resulting in victim loss and perpetrator profit are considered crimes.

3. Computer abuse refers to any unlawful, unethical, or unauthorized behavior involving automatic data processing and transfer.[v] 

According to the Oxford Dictionary, cybercrime is "Crime or a crime committed using computers or the internet."[vi] 

"Cybercrime may be defined as those species in which the genus is the conventional crime and where the computer is either an object or subject of the criminal conduct."[vii] 

“Cybercrime means any criminal or other offence that is facilitated by or involves the use of electronic communications or information systems, including any device or the Internet or any one or more of them" [viii] 

HISTORY AND EVOLUTION OF CYBERCRIME

Cybercrime has evolved with the Internet, starting with hacks to steal information. The first wave occurred in the late 80s with email, followed by the 90s with web browsers and viruses. Social media emerged in the early 2000s, causing personal information and ID theft. The latest wave is the global criminal industry, worth nearly half-trillion dollars annually. The first known cybercrime occurred in 1820, with the loom invented by Joseph-Marie Jacquard in 1820.[ix] 

DIFFERENCE BETWEEN CYBERCRIME AND CONVENTIONAL CRIME

Cybercrime differs from traditional crime in the evidence behind the crimes, as cybercriminals rely on the internet and leave little evidence. Investigations take longer in cybercrime due to fake names and remote locations, while conventional crimes involve less time due to left-off evidence. Additionally, cybercrimes do not require excessive force, as criminals use victims' identities to steal, unlike traditional crimes that often involve physical injury.[x] 

CLASSIFICATION OF CYBER CRIMES

1. Cyber Crime against individual

 Crimes against the person involve physical or psychological harm, such as assault, harassment, and stalking. Cybercrimes, such as stalking, pornography, bullying, child abuse, fraud, and cyber threats, involve cyber defamation, aiming to harm a person's reputation online. Several cybercrimes committed against people include:

•        E-mail Spoofing

•        Harassment via electronic mails

•        cheating

•        Phishing

2 Cyber Crime against property

Cybercrime against property is a growing concern due to the increasing use of electronic information in businesses and consumers, leading to cybercrimes such as sabotage, stealing banking information, and accessing organization websites. Cybercrimes against property include:

•        Intellectual property crimes

•        Cyber squatting

•        Transmitting virus

•        Hacking

•        Data theft

3. Cyber Crime against organization

Cybercriminals use cybercrimes to spread terror and threaten governments or international organizations, often instigating attacks from hostile governments, terrorist groups, or warring parties. Here are some examples of crimes against governments or organizations:

•        Unauthorized control of networks, systems

•        Possession of unauthorized information

•        Terroristic attacks 

•        Software piracy 

4.  Cyber Crime against society or nation 

Anti-social cybercrime involves illegal acts causing damage or altering cyberspace, affecting society as a whole, primarily targeting public interest and wider society. Cybercrimes against society include the following types of crimes:[xi] 

•          Child Pornography 

•          Trafficking (human) 

•          Financial crimes against society 

•          Online gambling 

•          Cyber terrorism

•          Attacks on critical infrastructure 

CAUSES OF CYBER CRIMES

1.     Economically motivated cyber crime 

2.     Personally motivated cyber crimes 

3.     Ideologically motivated cyber crime

4.     Structural causes

TYPES OF CYBER CRIMES

1. Cyber stalking

Cyber stalking is a crime where a victim is pursued online, often threatening them through harassment, property damage, or harassment. Cyber stalkers often believe they can hide, relying on anonymity. Effective cyber tools are needed to combat cybercrimes.12 

Manish kathuria And Ors. Etc vs. State of Punjab and Other Etc. 

The Manish Kataria case, involving Ritu Kohli, was the first cyber stalking incident in India, leading to a 2008 IT Act modification. The attacker, Manish Kathuria, admitted to the crime and was detained, but Section 509 was not used due to Supreme Court's unconstitutionality.

2. Hacking 

Hacking is the unauthorized access to a computer system or network for illegal or improper purposes. It involves intentional intrusion into a computer program without the owner's consent. This can lead to various cyber threats, including social media scams, web threats, email threats, data breaches, cloud hacks, and serious data breaches. It affects an entity's entire range of information and communication technologies.[xii] 

Jagjeet Singh vs. State of Punjab 

A company claimed ex-employees stole its databases and information, leading to a case involving the use of non-bailable IPC offenses of data theft and hacking. The Supreme Court ruled that these offenses would be used alongside the criminal provisions of the IT Act, demonstrating the seriousness of the judiciary in holding hackers and perpetrators accountable under both the IPC and the IT Act.[xiii] 

3. Phishing

Phishing is a scam where sensitive data is stolen through faking emails, often containing links to legitimate websites, and social engineering involves deceiving users into downloading malicious software.[xiv] 

Nasscom v Ajay Sood & others (2005)  

The High Court of Delhi ruled that a headhunting firm, run by defendants who used Nasscom's name to collect personal data, violated the trademark rights of the Indian software association.

The defendants were found to have fake identities and were liable for damages.[xv] 

4. Child Pornography 

Child pornography, a global prohibition, involves graphic, sexually explicit images and videos of children engaging in sexual activities, as defined by India's Protection of Children from Sexual Offences Act, 2012.[xvi] 

5. Web hijacking

Web Hijacking: Taking over another person's website with force is known as web hijacking. In this instance, the website owner no longer has control over the website's content. 18 

6. Denial of service

A denial-of-service (DoS) attack involves overloading a device or network in order to make it unusable. Attackers achieve this by flooding the target with more traffic than it can manage, leading it to crash and become unable to provide normal users with service. Examples of targets include email, online banking, webpages, and any other service that depends on a targeted network or machine.19 

MEASURES TO PREVENT CYBER CRIMES

•        By Using Strong Passwords

•        Make sure your social media profiles are set to private

•        Protect the data you store

•        Online identity protection

•        Continue regularly updating your passwords

•        Use security software to safeguard your computer

LEGAL AND REGULATORY METHODS OF CYBER CRIMES

INFORMATION TECHNOLOGY ACT, 2000:-

• Section 43 of the IT Act applies to cybercrimes, allowing owners to be reimbursed for computer damage without their permission. 

• Section 66: applies to any dishonest or fraudulent behavior covered by Section 43. In such cases, the maximum penalty is three years in jail or a fine of Rs. 5 lakhs.

• Section 66A: made it a punishable offense to send offensive information through computer or others electronic device. The provision also made it illegal to provide information that the sender believed to be false.

• Section 66B: of the IT Act outlines penalties for obtaining stolen computers or communication equipment, including a potential three-year jail sentence. 

• Section 66C: focuses on digital signatures, password hacking, and identity theft, with a fine of up to Rs. 1 lakh. 

• Section 66D: deals with impersonating someone else using computer resources to cheat, with a maximum sentence of three years and a Rs. 1 lakh fine. 

• Section 66E: punishes taking pictures of private areas without consent, with imprisonment of up to three years and/or a Rs. 2 lakhs fine. 

• Section 66F: deals with cyber terrorism, with individuals facing up to life imprisonment. 

• Section 67 involves electronically publishing obscenities, with a prison term of up to five years and a fine of up to Rs. 10 lakhs.[xviii] 

INDIAN PENAL CODE

• Section 292 originally designed to combat obscene material sales, now covers cybercrimes like electronic publication or transmission of sexually explicit acts of children. Penalties include imprisonment and fines of up to 2 years and Rs. 2000, respectively.

• Section 354C of the IT Act defines cybercrime as voyeurism, with first-time offenders facing up to 3 years in prison and second-time offenders up to 7 years.

• Section 354D addresses stalking, including physical and cyber stalking, with penalties ranging from 3 to 5 years and fines.

• In the Kalandi Charan Lenka v. the State of Odisha case, a victim suffered reputational harm after receiving vulgar texts from an unidentified caller, who also sent emails and created a fake Facebook account with modified pictures.

• SECTION 379 of the IPC Section punishes theft with up to three years in addition to a fine, primarily addressing cybercrimes involving stolen electronic devices or computers.

• SECTION 420 of the IPC criminalizes cheating and dishonesty inducing delivery of property, imposing seven-year imprisonment and a fine on cybercriminals involved in creating fake websites and cyber frauds, including password theft.

• SECTION 463 punishes electronic falsification, including email spoofing, with up to 7 years in prison and/or a fine. 

• SECTION 465 deals with forgery, with offenses like email spoofing and false document preparation ranging up to two years or both.

• SECTION 468 fraud with the intention of cheating punishes with a seven-year prison sentence and/or fine, this section also includes email spoofing.

CONCLUSION

The digital landscape is constantly evolving, making cyber security and cybercrime crucial for collective defense against malicious actors. Effective measures protect sensitive information, critical infrastructure, and individual privacy, empowering organizations and nations. Legal and regulatory frameworks must adapt to combat cybercrime, requiring collaboration among governments, private entities, academia, and civil society. Effective cyber security measures are both legal and moral obligations.

REFERENCES

[i] Sayyad muhammed, cyber security and cybercrime, 08, international research journal of engineering and technology,(2021), https://www.scconline.com/blog/wp-content/uploads/2020/07/20th-Harvard-bluebook.pdf.

[ii] Psareeen, the role of cyber law in cyber security, legalservicesindia,

https://www.legalserviceindia.com/legal/article-7646-the-role-of-cyber-law-in-cyber-security.html 

[iii] Nikunj Arora, cybercrime laws in India, IPLEADERS, ((oct.09, 2023, 7:05 PM), https://blog.ipleaders.in/cyber-crimelaws-in-india/#Cybersecurity_Framework_NCFS.  

[iv] PROF.R.K. CHOUBEY, AN INTRODUCTION TO CYBER CRIME AND CYBER LAW, (2012). 

[v] S.T. VISWANATHAN, THE INDIAN CYBER LAWS WITH CYBER GLOSSARY, p.81, (2001). 

[vi] Oxford languages, https://www.oed.com/search/dictionary/?scope=Entries&q=cyber+crime, (oct.06, 2023).

[vii] Naavi.org, https://www.naavi.org/pati/pati_cybercrimes_dec03.htm, (Oct.6, 2023)

[viii] Cybercrimes.org.za, https://cybercrime.org.za/definition, (oct.6, 2023)

[ix] Animesh Sarmah, Roshmi Sarmah, Amlan Jyoti Baruah, A brief study on Cyber Crime and Cyber Law’s of India, vol.4, International Research Journal of Engineering and Technology, (2017), https://www.southcalcuttalawcollege.ac.in/Notice/50446IRJET-V4I6303.pdf. 

[x] LINKEDIN, https://www.linkedin.com/pulse/classification-cyber-crime-its-differentiation-from-vivek-sharma/, (0ct.08, 2023).

[xi] Sambhav tripati, cybercrime and cyber security, IPLEADERS, Oct. 08, 2023), https://blog.ipleaders.in/cybercrime-and-cyber-security-an-overview/#Various_elements_of_cyber_security.  12 Ms. Heena Keswani, cyber stalking: a critical study, MANUPATRA, (2017), http://docs.manupatra.in/newsline/articles/Upload/455C1055-C2B6-4839-82AC-5AB08CBA7489.pdf. 

[xii] Hema modi, all you need to know cyber hacking, IPLEADERS, (Oct. 09, 2023, 4:27 PM)

[xiii] Jagjeet singh vs state of punjab, (2013) 10 SCC 686

[xiv] Sayyed muhammed, cyber security and cybercrime, vol. 08, international research journal of engineering and technology, (2021), https://www.irjet.net/archives/V8/i4/IRJET-V8I4339.pdf.

[xv] Shristi sinha, critical analysis of cybercrimes in India, IPLEADERS, (oct.09, 2023, 4:48 PM), https://blog.ipleaders.in/critical-analysis-cybercrime-india/. 

[xvi] Akshita Jain, remidies against child pornography in law, IPLEADERS, (oct.09, 2023, 5:30 PM). 18 Indiancybersquad, https://www.indiancybersquad.org/cyber-crime-types, (Oct. 09, 2023). 19 Chanchal agarwal, what is denial of service attack, (oct.09, 2023, 5:50 PM), siksha online, https://www.shiksha.com/online-courses/articles/denial-of-service-dos-attack/.

[xvii] Poona Auto Ancillaries Pvt. Ltd., Pune v. Punjab National Bank, HO New Delhi & Others, (2018). 

[xviii] OP Manocha, violating these cyber laws will land you in jail, the times of India, (oct.09, 2023, 6:40 PM), https://timesofindia.indiatimes.com/blogs/livesimply/violating-these-cyber-laws-can-land-you-in-jail/.